[lxc-devel] [lxc/master] tree-wide: hide unnecessary symbols
brauner on Github
lxc-bot at linuxcontainers.org
Mon Jul 20 17:06:29 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 427 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200720/06739377/attachment-0001.bin>
-------------- next part --------------
From 63c2a0bf06d5ddd7cbbc908ea1e403b69f4b6a0c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sat, 18 Jul 2020 19:07:31 +0200
Subject: [PATCH 01/17] confile: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 25 +++++++++++++++++++
src/lxc/confile.h | 57 ++++++++++++++++++++-----------------------
src/tests/Makefile.am | 18 +++++++++++++-
3 files changed, 68 insertions(+), 32 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 814d96d210..4adcc679d7 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -334,6 +334,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -341,60 +342,70 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -402,6 +413,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -409,6 +421,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -416,30 +429,35 @@ lxc_start_SOURCES = tools/lxc_start.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -448,12 +466,14 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -461,12 +481,14 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
string_utils.c string_utils.h
endif
@@ -488,6 +510,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -500,6 +523,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -514,6 +538,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
af_unix.c af_unix.h \
caps.c caps.h \
conf.c conf.h \
+ confile.c confile.h \
file_utils.c file_utils.h \
list.h \
log.c log.h \
diff --git a/src/lxc/confile.h b/src/lxc/confile.h
index a457c9a17f..df80f639a3 100644
--- a/src/lxc/confile.h
+++ b/src/lxc/confile.h
@@ -45,66 +45,61 @@ struct new_config_item {
};
/* Get the jump table entry for the given configuration key. */
-extern struct lxc_config_t *lxc_get_config(const char *key);
+__hidden extern struct lxc_config_t *lxc_get_config(const char *key);
/* List all available config items. */
-extern int lxc_list_config_items(char *retv, int inlen)
+__hidden extern int lxc_list_config_items(char *retv, int inlen)
__access_rw(1, 2);
/* Given a configuration key namespace (e.g. lxc.apparmor) list all associated
* subkeys for that namespace.
* Must be implemented when adding a new configuration key.
*/
-extern int lxc_list_subkeys(struct lxc_conf *conf, const char *key, char *retv,
- int inlen)
-__access_rw(3, 4);
+__hidden extern int lxc_list_subkeys(struct lxc_conf *conf, const char *key, char *retv, int inlen)
+ __access_rw(3, 4);
/* List all configuration items associated with a given network. For example
* pass "lxc.net.[i]" to retrieve all configuration items associated with
* the network associated with index [i].
*/
-extern int lxc_list_net(struct lxc_conf *c, const char *key, char *retv,
- int inlen)
-__access_rw(3, 4);
+__hidden extern int lxc_list_net(struct lxc_conf *c, const char *key, char *retv, int inlen)
+ __access_rw(3, 4);
-extern int lxc_config_read(const char *file, struct lxc_conf *conf,
- bool from_include);
+__hidden extern int lxc_config_read(const char *file, struct lxc_conf *conf, bool from_include);
-extern int append_unexp_config_line(const char *line, struct lxc_conf *conf);
+__hidden extern int append_unexp_config_line(const char *line, struct lxc_conf *conf);
-extern int lxc_config_define_add(struct lxc_list *defines, char* arg);
+__hidden extern int lxc_config_define_add(struct lxc_list *defines, char *arg);
-extern bool lxc_config_define_load(struct lxc_list *defines,
- struct lxc_container *c);
+__hidden extern bool lxc_config_define_load(struct lxc_list *defines, struct lxc_container *c);
-extern void lxc_config_define_free(struct lxc_list *defines);
+__hidden extern void lxc_config_define_free(struct lxc_list *defines);
/* needed for lxc-attach */
-extern signed long lxc_config_parse_arch(const char *arch);
+__hidden extern signed long lxc_config_parse_arch(const char *arch);
-extern int lxc_fill_elevated_privileges(char *flaglist, int *flags);
+__hidden extern int lxc_fill_elevated_privileges(char *flaglist, int *flags);
-extern int lxc_clear_config_item(struct lxc_conf *c, const char *key);
+__hidden extern int lxc_clear_config_item(struct lxc_conf *c, const char *key);
-extern int write_config(int fd, const struct lxc_conf *conf);
+__hidden extern int write_config(int fd, const struct lxc_conf *conf);
-extern bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key,
- const char *v);
+__hidden extern bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key,
+ const char *v);
/* These are used when cloning a container */
-extern void clear_unexp_config_line(struct lxc_conf *conf, const char *key,
- bool rm_subkeys);
+__hidden extern void clear_unexp_config_line(struct lxc_conf *conf, const char *key, bool rm_subkeys);
-extern bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
- const char *newpath, const char *oldname,
- const char *newmame);
+__hidden extern bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
+ const char *newpath, const char *oldname,
+ const char *newmame);
-bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
- const char *newpath, const char *oldname,
- const char *newname, const char *ovldir);
+__hidden extern bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
+ const char *newpath, const char *oldname,
+ const char *newname, const char *ovldir);
-extern bool network_new_hwaddrs(struct lxc_conf *conf);
+__hidden extern bool network_new_hwaddrs(struct lxc_conf *conf);
-extern int add_elem_to_mount_list(const char *value, struct lxc_conf *lxc_conf);
+__hidden extern int add_elem_to_mount_list(const char *value, struct lxc_conf *lxc_conf);
#endif /* __LXC_CONFILE_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 0380f89b57..78a7b1aa00 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -8,12 +8,25 @@ lxc_test_attach_SOURCES = attach.c
lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
../lxc/commands.c ../lxc/commands.h \
../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_clonetest_SOURCES = clonetest.c
lxc_test_concurrent_SOURCES = concurrent.c
-lxc_test_config_jump_table_SOURCES = config_jump_table.c lxctest.h
+lxc_test_config_jump_table_SOURCES = config_jump_table.c \
+ lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_console_SOURCES = console.c
lxc_test_console_log_SOURCES = console_log.c lxctest.h
lxc_test_containertests_SOURCES = containertests.c
@@ -56,12 +69,15 @@ AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCPATH=\"$(LXCPATH)\" \
-DLXC_GLOBAL_CONF=\"$(LXC_GLOBAL_CONF)\" \
-DLXCINITDIR=\"$(LXCINITDIR)\" \
+ -DLIBEXECDIR=\"$(LIBEXECDIR)\" \
-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
-DRUNTIME_PATH=\"$(RUNTIME_PATH)\" \
+ -DSBINDIR=\"$(SBINDIR)\" \
-I $(top_srcdir)/src \
-I $(top_srcdir)/src/lxc \
-I $(top_srcdir)/src/lxc/cgroups \
-I $(top_srcdir)/src/lxc/tools \
+ -I $(top_srcdir)/src/lxc/storage \
-pthread
if ENABLE_APPARMOR
From f64e249db789bbe05e8228f07032b34b06158f77 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:10:28 +0200
Subject: [PATCH 02/17] confile_utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 25 ++++++++++++++
src/lxc/confile_utils.h | 74 +++++++++++++++++++----------------------
src/tests/Makefile.am | 28 ++++++++++++++--
3 files changed, 85 insertions(+), 42 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 4adcc679d7..de22ab0cdf 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -335,6 +335,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -343,6 +344,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -350,6 +352,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -357,6 +360,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -364,6 +368,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -371,6 +376,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -378,6 +384,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -385,6 +392,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -392,6 +400,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -399,6 +408,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -406,6 +416,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -414,6 +425,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -422,6 +434,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -430,6 +443,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -437,6 +451,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -444,6 +459,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -451,6 +467,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -458,6 +475,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -467,6 +485,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -474,6 +493,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -482,6 +502,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -489,6 +510,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
string_utils.c string_utils.h
endif
@@ -511,6 +533,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -524,6 +547,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -539,6 +563,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
caps.c caps.h \
conf.c conf.h \
confile.c confile.h \
+ confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
list.h \
log.c log.h \
diff --git a/src/lxc/confile_utils.h b/src/lxc/confile_utils.h
index 7c59deae5a..3da1f462a3 100644
--- a/src/lxc/confile_utils.h
+++ b/src/lxc/confile_utils.h
@@ -29,48 +29,44 @@
} \
} while (0);
-extern int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
- unsigned long *hostid, unsigned long *range);
+__hidden extern int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
+ unsigned long *hostid, unsigned long *range);
-extern bool lxc_config_value_empty(const char *value);
-extern struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx,
- bool tail);
-extern struct lxc_netdev *
-lxc_get_netdev_by_idx(struct lxc_conf *conf, unsigned int idx, bool allocate);
-extern void lxc_log_configured_netdevs(const struct lxc_conf *conf);
-extern bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx);
-extern void lxc_free_networks(struct lxc_list *networks);
-extern int lxc_veth_mode_to_flag(int *mode, const char *value);
-extern char *lxc_veth_flag_to_mode(int mode);
-extern int lxc_macvlan_mode_to_flag(int *mode, const char *value);
-extern char *lxc_macvlan_flag_to_mode(int mode);
-extern int lxc_ipvlan_mode_to_flag(int *mode, const char *value);
-extern char *lxc_ipvlan_flag_to_mode(int mode);
-extern int lxc_ipvlan_isolation_to_flag(int *mode, const char *value);
-extern char *lxc_ipvlan_flag_to_isolation(int mode);
+__hidden extern bool lxc_config_value_empty(const char *value);
+__hidden extern struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx, bool tail);
+__hidden extern struct lxc_netdev *lxc_get_netdev_by_idx(struct lxc_conf *conf, unsigned int idx,
+ bool allocate);
+__hidden extern void lxc_log_configured_netdevs(const struct lxc_conf *conf);
+__hidden extern bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx);
+__hidden extern void lxc_free_networks(struct lxc_list *networks);
+__hidden extern int lxc_veth_mode_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_veth_flag_to_mode(int mode);
+__hidden extern int lxc_macvlan_mode_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_macvlan_flag_to_mode(int mode);
+__hidden extern int lxc_ipvlan_mode_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_ipvlan_flag_to_mode(int mode);
+__hidden extern int lxc_ipvlan_isolation_to_flag(int *mode, const char *value);
+__hidden extern char *lxc_ipvlan_flag_to_isolation(int mode);
-extern int set_config_string_item(char **conf_item, const char *value);
-extern int set_config_string_item_max(char **conf_item, const char *value,
- size_t max)
-__access_r(2, 3);
+__hidden extern int set_config_string_item(char **conf_item, const char *value);
+__hidden extern int set_config_string_item_max(char **conf_item, const char *value, size_t max)
+ __access_r(2, 3);
-extern int set_config_path_item(char **conf_item, const char *value);
-extern int set_config_bool_item(bool *conf_item, const char *value,
- bool empty_conf_action);
-extern int config_ip_prefix(struct in_addr *addr);
-extern int network_ifname(char *valuep, const char *value, size_t size)
-__access_r(2, 3);
+__hidden extern int set_config_path_item(char **conf_item, const char *value);
+__hidden extern int set_config_bool_item(bool *conf_item, const char *value, bool empty_conf_action);
+__hidden extern int config_ip_prefix(struct in_addr *addr);
+__hidden extern int network_ifname(char *valuep, const char *value, size_t size) __access_r(2, 3);
-extern void rand_complete_hwaddr(char *hwaddr);
-extern bool lxc_config_net_is_hwaddr(const char *line);
-extern bool new_hwaddr(char *hwaddr);
-extern int lxc_get_conf_str(char *retv, int inlen, const char *value);
-extern int lxc_get_conf_bool(struct lxc_conf *c, char *retv, int inlen, bool v);
-extern int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v);
-extern int lxc_get_conf_size_t(struct lxc_conf *c, char *retv, int inlen, size_t v);
-extern int lxc_get_conf_uint64(struct lxc_conf *c, char *retv, int inlen, uint64_t v);
-extern int lxc_inherit_namespace(const char *lxcname_or_pid,
- const char *lxcpath, const char *namespace);
-extern int sig_parse(const char *signame);
+__hidden extern void rand_complete_hwaddr(char *hwaddr);
+__hidden extern bool lxc_config_net_is_hwaddr(const char *line);
+__hidden extern bool new_hwaddr(char *hwaddr);
+__hidden extern int lxc_get_conf_str(char *retv, int inlen, const char *value);
+__hidden extern int lxc_get_conf_bool(struct lxc_conf *c, char *retv, int inlen, bool v);
+__hidden extern int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v);
+__hidden extern int lxc_get_conf_size_t(struct lxc_conf *c, char *retv, int inlen, size_t v);
+__hidden extern int lxc_get_conf_uint64(struct lxc_conf *c, char *retv, int inlen, uint64_t v);
+__hidden extern int lxc_inherit_namespace(const char *lxcname_or_pid, const char *lxcpath,
+ const char *namespace);
+__hidden extern int sig_parse(const char *signame);
#endif /* __LXC_CONFILE_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 78a7b1aa00..bdf8fdcce6 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -13,6 +13,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -22,8 +23,11 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -43,7 +47,15 @@ lxc_test_lxcpath_SOURCES = lxcpath.c
lxc_test_may_control_SOURCES = may_control.c
lxc_test_mount_injection_SOURCES = mount_injection.c lxctest.h
lxc_test_parse_config_file_SOURCES = parse_config_file.c \
- lxctest.h
+ lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
../lxc/namespace.c ../lxc/namespace.h \
@@ -62,8 +74,18 @@ lxc_test_startone_SOURCES = startone.c
lxc_test_state_server_SOURCES = state_server.c \
lxctest.h \
../lxc/compiler.h
-lxc_test_utils_SOURCES = lxc-test-utils.c lxctest.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+lxc_test_utils_SOURCES = lxc-test-utils.c \
+ lxctest.h \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCPATH=\"$(LXCPATH)\" \
From 590b39e50bbd8fff52efad3b39e0edf359121301 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:11:14 +0200
Subject: [PATCH 03/17] criu: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/criu.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/criu.h b/src/lxc/criu.h
index 3411542aee..2e0ca7febb 100644
--- a/src/lxc/criu.h
+++ b/src/lxc/criu.h
@@ -7,9 +7,9 @@
#include <lxc/lxccontainer.h>
-extern bool __criu_pre_dump(struct lxc_container *c, struct migrate_opts *opts);
-extern bool __criu_dump(struct lxc_container *c, struct migrate_opts *opts);
-extern bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts);
-extern bool __criu_check_feature(uint64_t *features_to_check);
+__hidden extern bool __criu_pre_dump(struct lxc_container *c, struct migrate_opts *opts);
+__hidden extern bool __criu_dump(struct lxc_container *c, struct migrate_opts *opts);
+__hidden extern bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts);
+__hidden extern bool __criu_check_feature(uint64_t *features_to_check);
#endif
From a10ce5a8a5cee0abfc8b5c44b3d1fb66712d2f25 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:11:48 +0200
Subject: [PATCH 04/17] error: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 2 +-
src/lxc/error.c | 2 +-
src/lxc/error.h | 4 +++-
3 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index de22ab0cdf..d1a4498cda 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -518,7 +518,7 @@ if ENABLE_COMMANDS
# Binaries shipping with liblxc
init_lxc_SOURCES = cmd/lxc_init.c \
compiler.h \
- error.h \
+ error.c error.h \
initutils.c initutils.h \
memory_utils.h \
parse.c parse.h \
diff --git a/src/lxc/error.c b/src/lxc/error.c
index 6e49eca2da..51fe5092aa 100644
--- a/src/lxc/error.c
+++ b/src/lxc/error.c
@@ -18,7 +18,7 @@ lxc_log_define(error, lxc);
* 128+n signal n received by the application
* 255 lxc error
*/
-extern int lxc_error_set_and_log(int pid, int status)
+int lxc_error_set_and_log(int pid, int status)
{
int ret = 0;
diff --git a/src/lxc/error.h b/src/lxc/error.h
index 49323d5bfc..3934585201 100644
--- a/src/lxc/error.h
+++ b/src/lxc/error.h
@@ -6,6 +6,8 @@
#define LXC_CLONE_ERROR "Failed to clone a new set of namespaces"
#define LXC_UNPRIV_EOPNOTSUPP "the requested function %s is not currently supported with unprivileged containers"
-extern int lxc_error_set_and_log(int pid, int status);
+#include "compiler.h"
+
+__hidden extern int lxc_error_set_and_log(int pid, int status);
#endif
From 4a9ee78a84589118d5ff3bf2fa94caa4adca2ffc Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:21:38 +0200
Subject: [PATCH 05/17] file_utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 26 +++++++++++-
src/lxc/file_utils.h | 92 +++++++++++++++++++------------------------
src/tests/Makefile.am | 39 ++++++++++++++++--
3 files changed, 101 insertions(+), 56 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index d1a4498cda..0cb3be1680 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -336,6 +336,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -345,6 +346,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -353,6 +355,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -361,6 +364,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -369,6 +373,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -377,6 +382,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -385,6 +391,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -393,6 +400,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -401,6 +409,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -409,6 +418,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -417,6 +427,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -426,6 +437,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -435,6 +447,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -444,6 +457,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -452,6 +466,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -460,6 +475,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -468,6 +484,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -476,6 +493,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -486,6 +504,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -494,6 +513,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -503,6 +523,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -511,6 +532,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
string_utils.c string_utils.h
endif
@@ -520,6 +542,7 @@ init_lxc_SOURCES = cmd/lxc_init.c \
compiler.h \
error.c error.h \
initutils.c initutils.h \
+ file_utils.c file_utils.h \
memory_utils.h \
parse.c parse.h \
process_utils.c process_utils.h \
@@ -534,6 +557,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -548,6 +572,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
conf.c conf.h \
confile.c confile.h \
confile_utils.c confile_utils.h \
+ file_utils.c file_utils.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -555,7 +580,6 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
parse.c parse.h \
process_utils.c process_utils.h \
syscall_numbers.h \
- file_utils.c file_utils.h \
string_utils.c string_utils.h \
syscall_wrappers.h
lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
diff --git a/src/lxc/file_utils.h b/src/lxc/file_utils.h
index 6f11ec9d7a..a759a6f361 100644
--- a/src/lxc/file_utils.h
+++ b/src/lxc/file_utils.h
@@ -15,73 +15,63 @@
#include "compiler.h"
/* read and write whole files */
-extern int lxc_write_to_file(const char *filename, const void *buf,
- size_t count, bool add_newline, mode_t mode)
-__access_r(2, 3);
+__hidden extern int lxc_write_to_file(const char *filename, const void *buf, size_t count,
+ bool add_newline, mode_t mode) __access_r(2, 3);
-extern int lxc_readat(int dirfd, const char *filename, void *buf, size_t count)
-__access_w(3, 4);
+__hidden extern int lxc_readat(int dirfd, const char *filename, void *buf, size_t count)
+ __access_w(3, 4);
-extern int lxc_writeat(int dirfd, const char *filename, const void *buf,
- size_t count)
-__access_r(3, 4);
+__hidden extern int lxc_writeat(int dirfd, const char *filename, const void *buf, size_t count)
+ __access_r(3, 4);
-extern int lxc_write_openat(const char *dir, const char *filename,
- const void *buf, size_t count)
-__access_r(3, 4);
+__hidden extern int lxc_write_openat(const char *dir, const char *filename, const void *buf,
+ size_t count) __access_r(3, 4);
-extern int lxc_read_from_file(const char *filename, void *buf, size_t count)
-__access_w(2, 3);
+__hidden extern int lxc_read_from_file(const char *filename, void *buf, size_t count)
+ __access_w(2, 3);
/* send and receive buffers completely */
-extern ssize_t lxc_write_nointr(int fd, const void *buf, size_t count)
-__access_r(2, 3);
+__hidden extern ssize_t lxc_write_nointr(int fd, const void *buf, size_t count) __access_r(2, 3);
-extern ssize_t lxc_pwrite_nointr(int fd, const void *buf, size_t count,
- off_t offset)
-__access_r(2, 3);
+__hidden extern ssize_t lxc_pwrite_nointr(int fd, const void *buf, size_t count, off_t offset)
+ __access_r(2, 3);
-extern ssize_t lxc_send_nointr(int sockfd, void *buf, size_t len, int flags)
-__access_r(2, 3);
+__hidden extern ssize_t lxc_send_nointr(int sockfd, void *buf, size_t len, int flags)
+ __access_r(2, 3);
-extern ssize_t lxc_read_nointr(int fd, void *buf, size_t count)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_read_nointr(int fd, void *buf, size_t count) __access_w(2, 3);
-extern ssize_t lxc_read_nointr_expect(int fd, void *buf, size_t count,
- const void *expected_buf)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_read_nointr_expect(int fd, void *buf, size_t count,
+ const void *expected_buf) __access_w(2, 3);
-extern ssize_t lxc_read_file_expect(const char *path, void *buf, size_t count,
- const void *expected_buf)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_read_file_expect(const char *path, void *buf, size_t count,
+ const void *expected_buf) __access_w(2, 3);
-extern ssize_t lxc_recv_nointr(int sockfd, void *buf, size_t len, int flags)
-__access_w(2, 3);
+__hidden extern ssize_t lxc_recv_nointr(int sockfd, void *buf, size_t len, int flags)
+ __access_w(2, 3);
-ssize_t lxc_recvmsg_nointr_iov(int sockfd, struct iovec *iov, size_t iovlen,
- int flags);
+__hidden extern ssize_t lxc_recvmsg_nointr_iov(int sockfd, struct iovec *iov, size_t iovlen,
+ int flags);
-extern bool file_exists(const char *f);
-extern int print_to_file(const char *file, const char *content);
-extern int is_dir(const char *path);
-extern int lxc_count_file_lines(const char *fn);
-extern int lxc_make_tmpfile(char *template, bool rm);
+__hidden extern bool file_exists(const char *f);
+__hidden extern int print_to_file(const char *file, const char *content);
+__hidden extern int is_dir(const char *path);
+__hidden extern int lxc_count_file_lines(const char *fn);
+__hidden extern int lxc_make_tmpfile(char *template, bool rm);
/* __typeof__ should be safe to use with all compilers. */
typedef __typeof__(((struct statfs *)NULL)->f_type) fs_type_magic;
-extern bool has_fs_type(const char *path, fs_type_magic magic_val);
-extern bool fhas_fs_type(int fd, fs_type_magic magic_val);
-extern bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
-extern FILE *fopen_cloexec(const char *path, const char *mode);
-extern ssize_t lxc_sendfile_nointr(int out_fd, int in_fd, off_t *offset,
- size_t count);
-extern char *file_to_buf(const char *path, size_t *length);
-extern int fd_to_buf(int fd, char **buf, size_t *length);
-extern int fd_to_fd(int from, int to);
-extern int lxc_open_dirfd(const char *dir);
-extern FILE *fdopen_cached(int fd, const char *mode, void **caller_freed_buffer);
-extern FILE *fopen_cached(const char *path, const char *mode,
- void **caller_freed_buffer);
-extern int timens_offset_write(clockid_t clk_id, int64_t s_offset, int64_t ns_offset);
+__hidden extern bool has_fs_type(const char *path, fs_type_magic magic_val);
+__hidden extern bool fhas_fs_type(int fd, fs_type_magic magic_val);
+__hidden extern bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
+__hidden extern FILE *fopen_cloexec(const char *path, const char *mode);
+__hidden extern ssize_t lxc_sendfile_nointr(int out_fd, int in_fd, off_t *offset, size_t count);
+__hidden extern char *file_to_buf(const char *path, size_t *length);
+__hidden extern int fd_to_buf(int fd, char **buf, size_t *length);
+__hidden extern int fd_to_fd(int from, int to);
+__hidden extern int lxc_open_dirfd(const char *dir);
+__hidden extern FILE *fdopen_cached(int fd, const char *mode, void **caller_freed_buffer);
+__hidden extern FILE *fopen_cached(const char *path, const char *mode, void **caller_freed_buffer);
+__hidden extern int timens_offset_write(clockid_t clk_id, int64_t s_offset, int64_t ns_offset);
#endif /* __LXC_FILE_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index bdf8fdcce6..5309d5a7d6 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -2,9 +2,31 @@ if ENABLE_TESTS
LDADD = ../lxc/liblxc.la
-lxc_test_api_reboot_SOURCES = api_reboot.c
+lxc_test_api_reboot_SOURCES = api_reboot.c \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_apparmor_SOURCES = aa.c
-lxc_test_attach_SOURCES = attach.c
+lxc_test_attach_SOURCES = attach.c \
+ ../lxc/af_unix.c ../lxc/af_unix.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/commands.c ../lxc/commands.h \
+ ../lxc/commands_utils.c ../lxc/commands_utils.h \
+ ../lxc/conf.c ../lxc/conf.h \
+ ../lxc/confile.c ../lxc/confile.h \
+ ../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/network.c ../lxc/network.h \
+ ../lxc/nl.c ../lxc/nl.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -14,6 +36,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -28,6 +51,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -45,7 +69,10 @@ lxc_test_list_SOURCES = list.c
lxc_test_locktests_SOURCES = locktests.c
lxc_test_lxcpath_SOURCES = lxcpath.c
lxc_test_may_control_SOURCES = may_control.c
-lxc_test_mount_injection_SOURCES = mount_injection.c lxctest.h
+lxc_test_mount_injection_SOURCES = mount_injection.c \
+ lxctest.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_parse_config_file_SOURCES = parse_config_file.c \
lxctest.h \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -53,6 +80,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -67,7 +95,9 @@ lxc_test_saveconfig_SOURCES = saveconfig.c
lxc_test_share_ns_SOURCES = share_ns.c \
lxctest.h \
../lxc/compiler.h
-lxc_test_shortlived_SOURCES = shortlived.c
+lxc_test_shortlived_SOURCES = shortlived.c \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_shutdowntest_SOURCES = shutdowntest.c
lxc_test_snapshot_SOURCES = snapshot.c
lxc_test_startone_SOURCES = startone.c
@@ -83,6 +113,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/conf.c ../lxc/conf.h \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
From f575e7efccdabdde1d61db4f83b5124c31b1b58c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:32:52 +0200
Subject: [PATCH 06/17] initutils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 29 +++++++++++++++++++++++++++--
src/lxc/initutils.h | 5 +++--
src/tests/Makefile.am | 7 +++++++
3 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 0cb3be1680..472e8dfbc2 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -337,6 +337,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -347,6 +348,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -356,6 +358,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -365,6 +368,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -374,6 +378,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -383,6 +388,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -392,6 +398,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -401,6 +408,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -410,6 +418,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -419,6 +428,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -428,6 +438,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -438,6 +449,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -448,6 +460,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -458,6 +471,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -467,6 +481,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -476,6 +491,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -485,6 +501,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -494,6 +511,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -505,6 +523,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -514,6 +533,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -524,6 +544,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -533,6 +554,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
string_utils.c string_utils.h
endif
@@ -541,8 +563,8 @@ if ENABLE_COMMANDS
init_lxc_SOURCES = cmd/lxc_init.c \
compiler.h \
error.c error.h \
- initutils.c initutils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
memory_utils.h \
parse.c parse.h \
process_utils.c process_utils.h \
@@ -558,6 +580,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
@@ -573,6 +596,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
log.c log.h \
memory_utils.h \
network.c network.h \
@@ -589,6 +613,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
confile.c confile.h \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
list.h \
log.c log.h \
macro.h \
@@ -613,8 +638,8 @@ init_lxc_static_SOURCES = cmd/lxc_init.c \
af_unix.c af_unix.h \
caps.c caps.h \
error.c error.h \
- initutils.c initutils.h \
file_utils.c file_utils.h \
+ initutils.c initutils.h \
log.c log.h \
macro.h \
memory_utils.h \
diff --git a/src/lxc/initutils.h b/src/lxc/initutils.h
index e11c789c70..74cbb85661 100644
--- a/src/lxc/initutils.h
+++ b/src/lxc/initutils.h
@@ -15,6 +15,7 @@
#include <sys/types.h>
#include <unistd.h>
+#include "compiler.h"
#include "string_utils.h"
#define DEFAULT_VG "lxc"
@@ -47,8 +48,8 @@ struct prctl_mm_map {
};
#endif
-extern const char *lxc_global_config_value(const char *option_name);
+__hidden extern const char *lxc_global_config_value(const char *option_name);
-extern int setproctitle(char *title);
+__hidden extern int setproctitle(char *title);
#endif /* __LXC_INITUTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 5309d5a7d6..d587c4b7fa 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -11,6 +11,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -24,6 +25,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -37,6 +39,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -52,6 +55,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -81,6 +85,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -114,6 +119,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/confile.c ../lxc/confile.h \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/initutils.c ../lxc/initutils.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -124,6 +130,7 @@ AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCINITDIR=\"$(LXCINITDIR)\" \
-DLIBEXECDIR=\"$(LIBEXECDIR)\" \
-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
+ -DDEFAULT_CGROUP_PATTERN=\"$(DEFAULT_CGROUP_PATTERN)\" \
-DRUNTIME_PATH=\"$(RUNTIME_PATH)\" \
-DSBINDIR=\"$(SBINDIR)\" \
-I $(top_srcdir)/src \
From 07d1f84ab27ff35e15259294f65445550b133826 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 16:45:34 +0200
Subject: [PATCH 07/17] log: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 24 ++++++++++++++++++++++++
src/lxc/file_utils.c | 4 ++--
src/lxc/log.h | 32 +++++++++++++++++---------------
src/lxc/utils.h | 6 ------
src/tests/Makefile.am | 17 ++++++++++++++---
5 files changed, 57 insertions(+), 26 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 472e8dfbc2..32ab6eeb06 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -338,6 +338,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
rexec.c rexec.h \
string_utils.c string_utils.h
lxc_autostart_SOURCES = tools/lxc_autostart.c \
@@ -349,6 +350,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
@@ -359,6 +361,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
@@ -369,6 +372,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
@@ -379,6 +383,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
@@ -389,6 +394,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
@@ -399,6 +405,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
@@ -409,6 +416,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
@@ -419,6 +427,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
@@ -429,6 +438,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
@@ -439,6 +449,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
macro.h \
string_utils.c string_utils.h
lxc_ls_SOURCES = tools/lxc_ls.c \
@@ -450,6 +461,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
memory_utils.h \
string_utils.c string_utils.h
lxc_copy_SOURCES = tools/lxc_copy.c \
@@ -461,6 +473,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_start_SOURCES = tools/lxc_start.c \
@@ -472,6 +485,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
@@ -482,6 +496,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
@@ -492,6 +507,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
@@ -502,6 +518,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
@@ -512,6 +529,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -524,6 +542,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
@@ -534,6 +553,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
@@ -545,6 +565,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
@@ -555,16 +576,19 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
confile_utils.c confile_utils.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
string_utils.c string_utils.h
endif
if ENABLE_COMMANDS
# Binaries shipping with liblxc
init_lxc_SOURCES = cmd/lxc_init.c \
+ caps.c caps.h \
compiler.h \
error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
+ log.c log.h \
memory_utils.h \
parse.c parse.h \
process_utils.c process_utils.h \
diff --git a/src/lxc/file_utils.c b/src/lxc/file_utils.c
index 0ec1f21c48..70791f29fa 100644
--- a/src/lxc/file_utils.c
+++ b/src/lxc/file_utils.c
@@ -8,16 +8,16 @@
#include <linux/magic.h>
#include <stdio.h>
#include <stdlib.h>
-#include <sys/stat.h>
#include <sys/sendfile.h>
+#include <sys/stat.h>
#include <sys/types.h>
+#include <time.h>
#include "config.h"
#include "file_utils.h"
#include "macro.h"
#include "memory_utils.h"
#include "string_utils.h"
-#include <time.h>
#include "utils.h"
int lxc_open_dirfd(const char *dir)
diff --git a/src/lxc/log.h b/src/lxc/log.h
index 3f91d9bc50..153302fdec 100644
--- a/src/lxc/log.h
+++ b/src/lxc/log.h
@@ -16,6 +16,7 @@
#include <syslog.h>
#include <time.h>
+#include "compiler.h"
#include "conf.h"
#include "config.h"
@@ -84,7 +85,7 @@ struct lxc_log_category {
};
#ifndef NO_LXC_CONF
-extern int lxc_log_use_global_fd;
+__hidden extern int lxc_log_use_global_fd;
#endif
/*
@@ -560,17 +561,18 @@ __lxc_unused static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
__internal_ret__; \
})
-extern int lxc_log_fd;
-
-extern int lxc_log_syslog(int facility);
-extern void lxc_log_syslog_enable(void);
-extern void lxc_log_syslog_disable(void);
-extern int lxc_log_set_level(int *dest, int level);
-extern int lxc_log_get_level(void);
-extern bool lxc_log_has_valid_level(void);
-extern int lxc_log_set_file(int *fd, const char *fname);
-extern const char *lxc_log_get_file(void);
-extern void lxc_log_set_prefix(const char *prefix);
-extern const char *lxc_log_get_prefix(void);
-extern void lxc_log_options_no_override(void);
-#endif
+__hidden extern int lxc_log_fd;
+
+__hidden extern int lxc_log_syslog(int facility);
+__hidden extern void lxc_log_syslog_enable(void);
+__hidden extern void lxc_log_syslog_disable(void);
+__hidden extern int lxc_log_set_level(int *dest, int level);
+__hidden extern int lxc_log_get_level(void);
+__hidden extern bool lxc_log_has_valid_level(void);
+__hidden extern int lxc_log_set_file(int *fd, const char *fname);
+__hidden extern const char *lxc_log_get_file(void);
+__hidden extern void lxc_log_set_prefix(const char *prefix);
+__hidden extern const char *lxc_log_get_prefix(void);
+__hidden extern void lxc_log_options_no_override(void);
+
+#endif /* __LXC_LOG_H */
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index 8c0e0c4aa5..8e6fbc44f5 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -203,12 +203,6 @@ extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *),
extern int run_command_status(char *buf, size_t buf_size, int (*child_fn)(void *),
void *args);
-/* return copy of string @entry; do not fail. */
-extern char *must_copy_string(const char *entry);
-
-/* Re-allocate a pointer, do not fail */
-extern void *must_realloc(void *orig, size_t sz);
-
extern bool lxc_nic_exists(char *nic);
static inline uint64_t lxc_getpagesize(void)
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index d587c4b7fa..cf1447b52c 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -12,6 +12,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -26,6 +27,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -40,6 +42,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -56,6 +59,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -86,15 +90,19 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/namespace.c ../lxc/namespace.h \
- ../lxc/process_utils.c ../lxc/process_utils.h
- ../lxc/utils.c ../lxc/utils.h \
- ../lxc/string_utils.c ../lxc/string_utils.h
+ ../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h \
+ ../lxc/utils.c ../lxc/utils.h
lxc_test_reboot_SOURCES = reboot.c
lxc_test_saveconfig_SOURCES = saveconfig.c
lxc_test_share_ns_SOURCES = share_ns.c \
@@ -120,6 +128,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/confile_utils.c ../lxc/confile_utils.h \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
+ ../lxc/log.c ../lxc/log.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -129,6 +138,8 @@ AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXC_GLOBAL_CONF=\"$(LXC_GLOBAL_CONF)\" \
-DLXCINITDIR=\"$(LXCINITDIR)\" \
-DLIBEXECDIR=\"$(LIBEXECDIR)\" \
+ -DLOGPATH=\"$(LOGPATH)\" \
+ -DLXCTEMPLATEDIR=\"$(LXCTEMPLATEDIR)\" \
-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
-DDEFAULT_CGROUP_PATTERN=\"$(DEFAULT_CGROUP_PATTERN)\" \
-DRUNTIME_PATH=\"$(RUNTIME_PATH)\" \
From a7692df573ffd5a69eb086ac9e457c6bda961edb Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 17:22:31 +0200
Subject: [PATCH 08/17] lxclock: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/compiler.h | 4 ++++
src/lxc/lxclock.h | 22 ++++++++++++----------
src/tests/Makefile.am | 7 ++++++-
3 files changed, 22 insertions(+), 11 deletions(-)
diff --git a/src/lxc/compiler.h b/src/lxc/compiler.h
index 1852f1c0af..c230e510ce 100644
--- a/src/lxc/compiler.h
+++ b/src/lxc/compiler.h
@@ -79,4 +79,8 @@
#define __hidden __attribute__((visibility("hidden")))
#endif
+#ifndef __public
+#define __public __attribute__((visibility("default")))
+#endif
+
#endif /* __LXC_COMPILER_H */
diff --git a/src/lxc/lxclock.h b/src/lxc/lxclock.h
index 9f9bc3bf6d..38f49b5b4b 100644
--- a/src/lxc/lxclock.h
+++ b/src/lxc/lxclock.h
@@ -11,6 +11,8 @@
#include <time.h>
#include <unistd.h>
+#include "compiler.h"
+
#ifndef F_OFD_GETLK
#define F_OFD_GETLK 36
#endif
@@ -71,7 +73,7 @@ struct lxc_lock {
* freed when the container is freed), and \c u.f.fd = -1.
*
*/
-extern struct lxc_lock *lxc_newlock(const char *lxcpath, const char *name);
+__hidden extern struct lxc_lock *lxc_newlock(const char *lxcpath, const char *name);
/*!
* \brief Take an existing lock.
@@ -89,7 +91,7 @@ extern struct lxc_lock *lxc_newlock(const char *lxcpath, const char *name);
* (except in the test case) I may remove the support for it in sem as
* well.
*/
-extern int lxclock(struct lxc_lock *lock, int timeout);
+__hidden extern int lxclock(struct lxc_lock *lock, int timeout);
/*!
* \brief Unlock specified lock previously locked using \ref lxclock().
@@ -99,24 +101,24 @@ extern int lxclock(struct lxc_lock *lock, int timeout);
* \return \c 0 on success, \c -2 if provided lock was not already held,
* otherwise \c -1 with \c errno saved from \c fcntl(2) or sem_post function.
*/
-extern int lxcunlock(struct lxc_lock *lock);
+__hidden extern int lxcunlock(struct lxc_lock *lock);
/*!
* \brief Free a lock created by \ref lxc_newlock().
*
* \param lock Lock.
*/
-extern void lxc_putlock(struct lxc_lock *lock);
+__hidden extern void lxc_putlock(struct lxc_lock *lock);
/*!
* \brief Lock the current process.
*/
-extern void process_lock(void);
+__hidden extern void process_lock(void);
/*!
* \brief Unlock the current process.
*/
-extern void process_unlock(void);
+__hidden extern void process_unlock(void);
struct lxc_container;
@@ -127,14 +129,14 @@ struct lxc_container;
*
* \return As for \ref lxclock().
*/
-extern int container_mem_lock(struct lxc_container *c);
+__hidden extern int container_mem_lock(struct lxc_container *c);
/*!
* \brief Unlock the containers memory.
*
* \param c Container.
*/
-extern void container_mem_unlock(struct lxc_container *c);
+__hidden extern void container_mem_unlock(struct lxc_container *c);
/*!
* \brief Lock the containers disk data.
@@ -144,7 +146,7 @@ extern void container_mem_unlock(struct lxc_container *c);
* \return \c 0 on success, or an \ref lxclock() error return
* values on error.
*/
-extern int container_disk_lock(struct lxc_container *c);
+__hidden extern int container_disk_lock(struct lxc_container *c);
/*!
* \brief Unlock the containers disk data.
@@ -152,6 +154,6 @@ extern int container_disk_lock(struct lxc_container *c);
* \param c Container.
*
*/
-extern void container_disk_unlock(struct lxc_container *c);
+__hidden extern void container_disk_unlock(struct lxc_container *c);
#endif
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index cf1447b52c..8c84c1d2bc 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -74,7 +74,12 @@ lxc_test_device_add_remove_SOURCES = device_add_remove.c
lxc_test_getkeys_SOURCES = getkeys.c
lxc_test_get_item_SOURCES = get_item.c
lxc_test_list_SOURCES = list.c
-lxc_test_locktests_SOURCES = locktests.c
+lxc_test_locktests_SOURCES = locktests.c \
+ ../lxc/caps.c ../lxc/caps.h \
+ ../lxc/file_utils.c ../lxc/file_utils.h \
+ ../lxc/log.c ../lxc/log.h \
+ ../lxc/lxclock.c ../lxc/lxclock.h \
+ ../lxc/string_utils.c ../lxc/string_utils.h
lxc_test_lxcpath_SOURCES = lxcpath.c
lxc_test_may_control_SOURCES = may_control.c
lxc_test_mount_injection_SOURCES = mount_injection.c \
From d6e12907a06e7254540efea060a524f02959d56f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 17:26:12 +0200
Subject: [PATCH 09/17] lxcseccomp: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 104 +++++++++++++++++++++++++++++++++++++++++-
src/lxc/lxcseccomp.h | 29 ++++++------
src/tests/Makefile.am | 30 +++++++++++-
3 files changed, 146 insertions(+), 17 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 32ab6eeb06..2caaaad252 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -183,7 +183,7 @@ endif
endif
if ENABLE_SECCOMP
-liblxc_la_SOURCES += seccomp.c
+liblxc_la_SOURCES += seccomp.c lxcseccomp.h
endif
if !HAVE_STRLCPY
@@ -341,6 +341,10 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
log.c log.h \
rexec.c rexec.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_attach_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_autostart_SOURCES = tools/lxc_autostart.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -352,6 +356,10 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -363,6 +371,10 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_config_SOURCES = tools/lxc_config.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -374,6 +386,10 @@ lxc_config_SOURCES = tools/lxc_config.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_config_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_console_SOURCES = tools/lxc_console.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -385,6 +401,10 @@ lxc_console_SOURCES = tools/lxc_console.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_console_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_destroy_SOURCES = tools/lxc_destroy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -396,6 +416,10 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_device_SOURCES = tools/lxc_device.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -407,6 +431,10 @@ lxc_device_SOURCES = tools/lxc_device.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_device_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_execute_SOURCES = tools/lxc_execute.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -418,6 +446,10 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_execute_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_freeze_SOURCES = tools/lxc_freeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -429,6 +461,10 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_info_SOURCES = tools/lxc_info.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -440,6 +476,10 @@ lxc_info_SOURCES = tools/lxc_info.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_info_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_monitor_SOURCES = tools/lxc_monitor.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -452,6 +492,10 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
log.c log.h \
macro.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_ls_SOURCES = tools/lxc_ls.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -464,6 +508,10 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
log.c log.h \
memory_utils.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_ls_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_copy_SOURCES = tools/lxc_copy.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -476,6 +524,10 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_copy_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_start_SOURCES = tools/lxc_start.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -487,6 +539,10 @@ lxc_start_SOURCES = tools/lxc_start.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_start_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_stop_SOURCES = tools/lxc_stop.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -498,6 +554,10 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_stop_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_top_SOURCES = tools/lxc_top.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -509,6 +569,10 @@ lxc_top_SOURCES = tools/lxc_top.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_top_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -520,6 +584,10 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_unshare_SOURCES = tools/lxc_unshare.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -533,6 +601,10 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
+if ENABLE_SECCOMP
+lxc_unshare_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_wait_SOURCES = tools/lxc_wait.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -544,6 +616,10 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_wait_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_create_SOURCES = tools/lxc_create.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -556,6 +632,10 @@ lxc_create_SOURCES = tools/lxc_create.c \
log.c log.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_create_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -567,6 +647,10 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
tools/arguments.c tools/arguments.h \
af_unix.c af_unix.h \
@@ -578,6 +662,10 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
initutils.c initutils.h \
log.c log.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
+endif
+
endif
if ENABLE_COMMANDS
@@ -594,6 +682,9 @@ init_lxc_SOURCES = cmd/lxc_init.c \
process_utils.c process_utils.h \
syscall_numbers.h \
string_utils.c string_utils.h
+if ENABLE_SECCOMP
+init_lxc_SOURCES += seccomp.c lxcseccomp.h
+endif
init_lxc_LDFLAGS = -pthread
@@ -612,6 +703,10 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
string_utils.c string_utils.h \
syscall_numbers.h \
utils.c utils.h
+if ENABLE_SECCOMP
+lxc_monitord_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
../include/netns_ifaddrs.c ../include/netns_ifaddrs.h \
af_unix.c af_unix.h \
@@ -630,6 +725,10 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
syscall_numbers.h \
string_utils.c string_utils.h \
syscall_wrappers.h
+if ENABLE_SECCOMP
+lxc_user_nic_SOURCES += seccomp.c lxcseccomp.h
+endif
+
lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
af_unix.c af_unix.h \
caps.c caps.h \
@@ -645,6 +744,9 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
+if ENABLE_SECCOMP
+lxc_usernsexec_SOURCES += seccomp.c lxcseccomp.h
+endif
endif
diff --git a/src/lxc/lxcseccomp.h b/src/lxc/lxcseccomp.h
index d96a015b22..2e9bda5a43 100644
--- a/src/lxc/lxcseccomp.h
+++ b/src/lxc/lxcseccomp.h
@@ -16,6 +16,7 @@
#include <sys/un.h>
#endif
+#include "compiler.h"
#include "conf.h"
#include "config.h"
#include "memory_utils.h"
@@ -77,21 +78,19 @@ struct lxc_seccomp {
#endif /* HAVE_DECL_SECCOMP_NOTIFY_FD */
};
-extern int lxc_seccomp_load(struct lxc_conf *conf);
-extern int lxc_read_seccomp_config(struct lxc_conf *conf);
-extern void lxc_seccomp_free(struct lxc_seccomp *seccomp);
-extern int seccomp_notify_handler(int fd, uint32_t events, void *data,
- struct lxc_epoll_descr *descr);
-extern void seccomp_conf_init(struct lxc_conf *conf);
-extern int lxc_seccomp_setup_proxy(struct lxc_seccomp *seccomp,
- struct lxc_epoll_descr *descr,
- struct lxc_handler *handler);
-extern int lxc_seccomp_send_notifier_fd(struct lxc_seccomp *seccomp,
- int socket_fd);
-extern int lxc_seccomp_recv_notifier_fd(struct lxc_seccomp *seccomp,
- int socket_fd);
-extern int lxc_seccomp_add_notifier(const char *name, const char *lxcpath,
- struct lxc_seccomp *seccomp);
+__hidden extern int lxc_seccomp_load(struct lxc_conf *conf);
+__hidden extern int lxc_read_seccomp_config(struct lxc_conf *conf);
+__hidden extern void lxc_seccomp_free(struct lxc_seccomp *seccomp);
+__hidden extern int seccomp_notify_handler(int fd, uint32_t events, void *data,
+ struct lxc_epoll_descr *descr);
+__hidden extern void seccomp_conf_init(struct lxc_conf *conf);
+__hidden extern int lxc_seccomp_setup_proxy(struct lxc_seccomp *seccomp,
+ struct lxc_epoll_descr *descr,
+ struct lxc_handler *handler);
+__hidden extern int lxc_seccomp_send_notifier_fd(struct lxc_seccomp *seccomp, int socket_fd);
+__hidden extern int lxc_seccomp_recv_notifier_fd(struct lxc_seccomp *seccomp, int socket_fd);
+__hidden extern int lxc_seccomp_add_notifier(const char *name, const char *lxcpath,
+ struct lxc_seccomp *seccomp);
static inline int lxc_seccomp_get_notify_fd(struct lxc_seccomp *seccomp)
{
#if HAVE_DECL_SECCOMP_NOTIFY_FD
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 8c84c1d2bc..064b2b0f63 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -1,6 +1,11 @@
if ENABLE_TESTS
-LDADD = ../lxc/liblxc.la
+LDADD = ../lxc/liblxc.la \
+ @CAP_LIBS@ \
+ @OPENSSL_LIBS@ \
+ @SECCOMP_LIBS@ \
+ @SELINUX_LIBS@ \
+ @DLOG_LIBS@
lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -16,6 +21,10 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_apparmor_SOURCES = aa.c
lxc_test_attach_SOURCES = attach.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -31,6 +40,10 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_basic_SOURCES = basic.c
lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/af_unix.c ../lxc/af_unix.h \
@@ -46,6 +59,10 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_clonetest_SOURCES = clonetest.c
lxc_test_concurrent_SOURCES = concurrent.c
lxc_test_config_jump_table_SOURCES = config_jump_table.c \
@@ -63,6 +80,10 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_console_SOURCES = console.c
lxc_test_console_log_SOURCES = console_log.c lxctest.h
lxc_test_containertests_SOURCES = containertests.c
@@ -99,6 +120,10 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
+
lxc_test_raw_clone_SOURCES = lxc_raw_clone.c \
lxctest.h \
../lxc/caps.c ../lxc/caps.h \
@@ -137,6 +162,9 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
+if ENABLE_SECCOMP
+lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
+endif
AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DLXCPATH=\"$(LXCPATH)\" \
From d50aa57f9b769df9f3a4dbfd80e44b61d5483055 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 17:47:58 +0200
Subject: [PATCH 10/17] mainloop: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 2 ++
src/lxc/mainloop.h | 20 +++++++++-----------
src/tests/Makefile.am | 5 +++++
3 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 2caaaad252..fd3eec9940 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -553,6 +553,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ mainloop.c mainloop.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -568,6 +569,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ mainloop.c mainloop.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
diff --git a/src/lxc/mainloop.h b/src/lxc/mainloop.h
index e6ab9a6d9e..2a16c94e06 100644
--- a/src/lxc/mainloop.h
+++ b/src/lxc/mainloop.h
@@ -5,6 +5,7 @@
#include <stdint.h>
+#include "compiler.h"
#include "list.h"
#include "memory_utils.h"
@@ -20,21 +21,18 @@ struct lxc_epoll_descr {
typedef int (*lxc_mainloop_callback_t)(int fd, uint32_t event, void *data,
struct lxc_epoll_descr *descr);
-extern int lxc_mainloop(struct lxc_epoll_descr *descr, int timeout_ms);
+__hidden extern int lxc_mainloop(struct lxc_epoll_descr *descr, int timeout_ms);
-extern int lxc_mainloop_add_handler_events(struct lxc_epoll_descr *descr,
- int fd, int events,
- lxc_mainloop_callback_t callback,
- void *data);
-extern int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd,
- lxc_mainloop_callback_t callback,
- void *data);
+__hidden extern int lxc_mainloop_add_handler_events(struct lxc_epoll_descr *descr, int fd, int events,
+ lxc_mainloop_callback_t callback, void *data);
+__hidden extern int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd,
+ lxc_mainloop_callback_t callback, void *data);
-extern int lxc_mainloop_del_handler(struct lxc_epoll_descr *descr, int fd);
+__hidden extern int lxc_mainloop_del_handler(struct lxc_epoll_descr *descr, int fd);
-extern int lxc_mainloop_open(struct lxc_epoll_descr *descr);
+__hidden extern int lxc_mainloop_open(struct lxc_epoll_descr *descr);
-extern void lxc_mainloop_close(struct lxc_epoll_descr *descr);
+__hidden extern void lxc_mainloop_close(struct lxc_epoll_descr *descr);
define_cleanup_function(struct lxc_epoll_descr *, lxc_mainloop_close);
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 064b2b0f63..b660e0a0da 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -18,6 +18,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -37,6 +38,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -56,6 +58,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -77,6 +80,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -159,6 +163,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/mainloop.c ../lxc/mainloop.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
From 85b035a134410a2845984d92b6adfa7c2c2f016f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:09:19 +0200
Subject: [PATCH 11/17] monitor: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 1 +
src/lxc/monitor.h | 31 +++++++++++++++----------------
2 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index fd3eec9940..b4cc216a3c 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -491,6 +491,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
initutils.c initutils.h \
log.c log.h \
macro.h \
+ monitor.c monitor.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
diff --git a/src/lxc/monitor.h b/src/lxc/monitor.h
index 61278c2b21..0f89e4ff65 100644
--- a/src/lxc/monitor.h
+++ b/src/lxc/monitor.h
@@ -8,6 +8,8 @@
#include <sys/param.h>
#include <sys/un.h>
+#include "compiler.h"
+
typedef enum {
lxc_msg_state,
lxc_msg_priority,
@@ -16,25 +18,23 @@ typedef enum {
struct lxc_msg {
lxc_msg_type_t type;
- char name[NAME_MAX+1];
+ char name[NAME_MAX + 1];
int value;
};
-extern int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr);
-extern int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path,
- size_t fifo_path_sz, int do_mkdirp);
-extern void lxc_monitor_send_state(const char *name, lxc_state_t state,
- const char *lxcpath);
-extern void lxc_monitor_send_exit_code(const char *name, int exit_code,
- const char *lxcpath);
-extern int lxc_monitord_spawn(const char *lxcpath);
+__hidden extern int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr);
+__hidden extern int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz,
+ int do_mkdirp);
+__hidden extern void lxc_monitor_send_state(const char *name, lxc_state_t state, const char *lxcpath);
+__hidden extern void lxc_monitor_send_exit_code(const char *name, int exit_code, const char *lxcpath);
+__hidden extern int lxc_monitord_spawn(const char *lxcpath);
/*
* Open the monitoring mechanism for a specific container
* The function will return an fd corresponding to the events
* Returns a file descriptor on success, < 0 otherwise
*/
-extern int lxc_monitor_open(const char *lxcpath);
+__hidden extern int lxc_monitor_open(const char *lxcpath);
/*
* Blocking read for the next container state change
@@ -43,7 +43,7 @@ extern int lxc_monitor_open(const char *lxcpath);
* Returns 0 if the monitored container has exited, > 0 if
* data was read, < 0 otherwise
*/
-extern int lxc_monitor_read(int fd, struct lxc_msg *msg);
+__hidden extern int lxc_monitor_read(int fd, struct lxc_msg *msg);
/*
* Blocking read for the next container state change with timeout
@@ -53,7 +53,7 @@ extern int lxc_monitor_read(int fd, struct lxc_msg *msg);
* Returns 0 if the monitored container has exited, > 0 if
* data was read, < 0 otherwise
*/
-extern int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout);
+__hidden extern int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout);
/*
* Blocking read from multiple monitors for the next container state
@@ -65,8 +65,7 @@ extern int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout);
* Returns 0 if the monitored container has exited, > 0 if
* data was read, < 0 otherwise
*/
-extern int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
- int timeout);
-
+__hidden extern int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
+ int timeout);
-#endif
+#endif /* __LXC_MONITOR_H */
From 9e20bf04e03d48fa516cd1000c527f87b9a4e67e Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:11:02 +0200
Subject: [PATCH 12/17] namespace: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 25 +++++++++++++++++++++++++
src/lxc/namespace.h | 14 ++++++++------
src/tests/Makefile.am | 6 ++++++
3 files changed, 39 insertions(+), 6 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index b4cc216a3c..84c13eefd1 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -339,6 +339,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -355,6 +356,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -370,6 +372,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -385,6 +388,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -400,6 +404,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -415,6 +420,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -430,6 +436,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -445,6 +452,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -460,6 +468,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -475,6 +484,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -492,6 +502,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
log.c log.h \
macro.h \
monitor.c monitor.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -508,6 +519,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
initutils.c initutils.h \
log.c log.h \
memory_utils.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -523,6 +535,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -539,6 +552,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -555,6 +569,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
initutils.c initutils.h \
log.c log.h \
mainloop.c mainloop.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -571,6 +586,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
initutils.c initutils.h \
log.c log.h \
mainloop.c mainloop.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -586,6 +602,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -601,6 +618,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -618,6 +636,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -633,6 +652,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -649,6 +669,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -664,6 +685,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -702,6 +724,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
log.c log.h \
mainloop.c mainloop.h \
monitor.c monitor.h \
+ namespace.c namespace.h \
process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
@@ -721,6 +744,7 @@ lxc_user_nic_SOURCES = cmd/lxc_user_nic.c \
initutils.c initutils.h \
log.c log.h \
memory_utils.h \
+ namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
@@ -744,6 +768,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
log.c log.h \
macro.h \
memory_utils.h \
+ namespace.c namespace.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/namespace.h b/src/lxc/namespace.h
index 59b26fa60d..4e3fc3dfc1 100644
--- a/src/lxc/namespace.h
+++ b/src/lxc/namespace.h
@@ -7,6 +7,8 @@
#include <unistd.h>
#include <sys/syscall.h>
+#include "compiler.h"
+
enum {
LXC_NS_USER,
LXC_NS_MNT,
@@ -19,16 +21,16 @@ enum {
LXC_NS_MAX
};
-extern const struct ns_info {
+__hidden extern const struct ns_info {
const char *proc_name;
int clone_flag;
const char *flag_name;
const char *env_name;
} ns_info[LXC_NS_MAX];
-extern int lxc_namespace_2_cloneflag(const char *namespace);
-extern int lxc_namespace_2_ns_idx(const char *namespace);
-extern int lxc_namespace_2_std_identifiers(char *namespaces);
-extern int lxc_fill_namespace_flags(char *flaglist, int *flags);
+__hidden extern int lxc_namespace_2_cloneflag(const char *namespace);
+__hidden extern int lxc_namespace_2_ns_idx(const char *namespace);
+__hidden extern int lxc_namespace_2_std_identifiers(char *namespaces);
+__hidden extern int lxc_fill_namespace_flags(char *flaglist, int *flags);
-#endif
+#endif /* __LXC_NAMESPACE_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index b660e0a0da..7c26aa0e19 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -19,6 +19,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -39,6 +40,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -59,6 +61,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -81,6 +84,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -121,6 +125,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/file_utils.c ../lxc/file_utils.h \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
@@ -164,6 +169,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/initutils.c ../lxc/initutils.h \
../lxc/log.c ../lxc/log.h \
../lxc/mainloop.c ../lxc/mainloop.h \
+ ../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/string_utils.c ../lxc/string_utils.h
From 1d332c47dce1bcd19babfd5d7716eb0cdbc3ad50 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:25:57 +0200
Subject: [PATCH 13/17] network: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 50 ++++++++++++++++++-
src/lxc/network.h | 118 +++++++++++++++++++++-----------------------
2 files changed, 106 insertions(+), 62 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 84c13eefd1..7c181d44c9 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -127,8 +127,8 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
memory_utils.h \
mainloop.c mainloop.h \
namespace.c namespace.h \
- nl.c nl.h \
network.c network.h \
+ nl.c nl.h \
monitor.c monitor.h \
parse.c parse.h \
process_utils.c process_utils.h \
@@ -340,6 +340,8 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -357,6 +359,8 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -373,6 +377,8 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -389,6 +395,8 @@ lxc_config_SOURCES = tools/lxc_config.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -405,6 +413,8 @@ lxc_console_SOURCES = tools/lxc_console.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -421,6 +431,8 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -437,6 +449,8 @@ lxc_device_SOURCES = tools/lxc_device.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -453,6 +467,8 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -469,6 +485,8 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -485,6 +503,8 @@ lxc_info_SOURCES = tools/lxc_info.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -503,6 +523,8 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
macro.h \
monitor.c monitor.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -520,6 +542,8 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
log.c log.h \
memory_utils.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -536,6 +560,8 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -553,6 +579,8 @@ lxc_start_SOURCES = tools/lxc_start.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -570,6 +598,8 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
log.c log.h \
mainloop.c mainloop.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -587,6 +617,8 @@ lxc_top_SOURCES = tools/lxc_top.c \
log.c log.h \
mainloop.c mainloop.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -603,6 +635,8 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -619,6 +653,8 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -637,6 +673,8 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -653,6 +691,8 @@ lxc_create_SOURCES = tools/lxc_create.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -670,6 +710,8 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -686,6 +728,8 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
initutils.c initutils.h \
log.c log.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -725,6 +769,8 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
mainloop.c mainloop.h \
monitor.c monitor.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
@@ -769,6 +815,8 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
macro.h \
memory_utils.h \
namespace.c namespace.h \
+ network.c network.h \
+ nl.c nl.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/network.h b/src/lxc/network.h
index 5e91e4eba5..9b06551b60 100644
--- a/src/lxc/network.h
+++ b/src/lxc/network.h
@@ -10,6 +10,7 @@
#include <sys/socket.h>
#include <unistd.h>
+#include "compiler.h"
#include "list.h"
struct lxc_conf;
@@ -180,107 +181,102 @@ struct lxc_netdev {
};
/* Convert a string mac address to a socket structure. */
-extern int lxc_convert_mac(char *macaddr, struct sockaddr *sockaddr);
+__hidden extern int lxc_convert_mac(char *macaddr, struct sockaddr *sockaddr);
/* Move a device between namespaces. */
-extern int lxc_netdev_move_by_index(int ifindex, pid_t pid, const char *ifname);
-extern int lxc_netdev_move_by_name(const char *ifname, pid_t pid,
- const char *newname);
+__hidden extern int lxc_netdev_move_by_index(int ifindex, pid_t pid, const char *ifname);
+__hidden extern int lxc_netdev_move_by_name(const char *ifname, pid_t pid, const char *newname);
/* Delete a network device. */
-extern int lxc_netdev_delete_by_name(const char *name);
-extern int lxc_netdev_delete_by_index(int ifindex);
+__hidden extern int lxc_netdev_delete_by_name(const char *name);
+__hidden extern int lxc_netdev_delete_by_index(int ifindex);
/* Change the device name. */
-extern int lxc_netdev_rename_by_name(const char *oldname, const char *newname);
-extern int lxc_netdev_rename_by_index(int ifindex, const char *newname);
+__hidden extern int lxc_netdev_rename_by_name(const char *oldname, const char *newname);
+__hidden extern int lxc_netdev_rename_by_index(int ifindex, const char *newname);
-extern int netdev_set_flag(const char *name, int flag);
+__hidden extern int netdev_set_flag(const char *name, int flag);
/* Set the device network up or down. */
-extern int lxc_netdev_isup(const char *name);
-extern int lxc_netdev_up(const char *name);
-extern int lxc_netdev_down(const char *name);
+__hidden extern int lxc_netdev_isup(const char *name);
+__hidden extern int lxc_netdev_up(const char *name);
+__hidden extern int lxc_netdev_down(const char *name);
/* Change the mtu size for the specified device. */
-extern int lxc_netdev_set_mtu(const char *name, int mtu);
+__hidden extern int lxc_netdev_set_mtu(const char *name, int mtu);
/* Create a virtual network devices. */
-extern int lxc_veth_create(const char *name1, const char *name2, pid_t pid,
- unsigned int mtu);
-extern int lxc_macvlan_create(const char *parent, const char *name, int mode);
-extern int lxc_vlan_create(const char *parent, const char *name,
- unsigned short vid);
+__hidden extern int lxc_veth_create(const char *name1, const char *name2, pid_t pid,
+ unsigned int mtu);
+__hidden extern int lxc_macvlan_create(const char *parent, const char *name, int mode);
+__hidden extern int lxc_vlan_create(const char *parent, const char *name, unsigned short vid);
/* Set ip address. */
-extern int lxc_ipv6_addr_add(int ifindex, struct in6_addr *addr,
- struct in6_addr *mcast,
- struct in6_addr *acast, int prefix);
+__hidden extern int lxc_ipv6_addr_add(int ifindex, struct in6_addr *addr, struct in6_addr *mcast,
+ struct in6_addr *acast, int prefix);
-extern int lxc_ipv4_addr_add(int ifindex, struct in_addr *addr,
- struct in_addr *bcast, int prefix);
+__hidden extern int lxc_ipv4_addr_add(int ifindex, struct in_addr *addr, struct in_addr *bcast,
+ int prefix);
/* Get ip address. */
-extern int lxc_ipv4_addr_get(int ifindex, struct in_addr **res);
-extern int lxc_ipv6_addr_get(int ifindex, struct in6_addr **res);
+__hidden extern int lxc_ipv4_addr_get(int ifindex, struct in_addr **res);
+__hidden extern int lxc_ipv6_addr_get(int ifindex, struct in6_addr **res);
/* Set default route. */
-extern int lxc_ipv4_gateway_add(int ifindex, struct in_addr *gw);
-extern int lxc_ipv6_gateway_add(int ifindex, struct in6_addr *gw);
+__hidden extern int lxc_ipv4_gateway_add(int ifindex, struct in_addr *gw);
+__hidden extern int lxc_ipv6_gateway_add(int ifindex, struct in6_addr *gw);
/* Attach an interface to the bridge. */
-extern int lxc_bridge_attach(const char *bridge, const char *ifname);
-extern int lxc_ovs_delete_port(const char *bridge, const char *nic);
+__hidden extern int lxc_bridge_attach(const char *bridge, const char *ifname);
+__hidden extern int lxc_ovs_delete_port(const char *bridge, const char *nic);
-extern bool is_ovs_bridge(const char *bridge);
+__hidden extern bool is_ovs_bridge(const char *bridge);
/* Create default gateway. */
-extern int lxc_route_create_default(const char *addr, const char *ifname,
- int gateway);
+__hidden extern int lxc_route_create_default(const char *addr, const char *ifname, int gateway);
/* Delete default gateway. */
-extern int lxc_route_delete_default(const char *addr, const char *ifname,
- int gateway);
+__hidden extern int lxc_route_delete_default(const char *addr, const char *ifname, int gateway);
/* Activate neighbor proxying. */
-extern int lxc_neigh_proxy_on(const char *name, int family);
+__hidden extern int lxc_neigh_proxy_on(const char *name, int family);
/* Disable neighbor proxying. */
-extern int lxc_neigh_proxy_off(const char *name, int family);
+__hidden extern int lxc_neigh_proxy_off(const char *name, int family);
/* Activate IP forwarding. */
-extern int lxc_ip_forwarding_on(const char *name, int family);
+__hidden extern int lxc_ip_forwarding_on(const char *name, int family);
/* Disable IP forwarding. */
-extern int lxc_ip_forwarding_off(const char *name, int family);
+__hidden extern int lxc_ip_forwarding_off(const char *name, int family);
/*
* Generate a new unique network interface name.
*
* Allows for 62^n unique combinations.
*/
-extern char *lxc_ifname_alnum_case_sensitive(char *template);
-
-extern const char *lxc_net_type_to_str(int type);
-extern int setup_private_host_hw_addr(char *veth1);
-extern int netdev_get_mtu(int ifindex);
-extern int lxc_network_move_created_netdev_priv(struct lxc_handler *handler);
-extern void lxc_delete_network(struct lxc_handler *handler);
-extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
-extern int lxc_requests_empty_network(struct lxc_handler *handler);
-extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
-extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,
- struct lxc_list *network);
-extern int lxc_network_send_to_child(struct lxc_handler *handler);
-extern int lxc_network_recv_from_parent(struct lxc_handler *handler);
-extern int lxc_network_send_name_and_ifindex_to_parent(struct lxc_handler *handler);
-extern int lxc_network_recv_name_and_ifindex_from_child(struct lxc_handler *handler);
-extern int lxc_netns_set_nsid(int netns_fd);
-extern int lxc_netns_get_nsid(__s32 fd);
-extern int lxc_create_network(struct lxc_handler *handler);
-
-extern char *is_wlan(const char *ifname);
-extern int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
- const char *newname);
+__hidden extern char *lxc_ifname_alnum_case_sensitive(char *template);
+
+__hidden extern const char *lxc_net_type_to_str(int type);
+__hidden extern int setup_private_host_hw_addr(char *veth1);
+__hidden extern int netdev_get_mtu(int ifindex);
+__hidden extern int lxc_network_move_created_netdev_priv(struct lxc_handler *handler);
+__hidden extern void lxc_delete_network(struct lxc_handler *handler);
+__hidden extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
+__hidden extern int lxc_requests_empty_network(struct lxc_handler *handler);
+__hidden extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
+__hidden extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,
+ struct lxc_list *network);
+__hidden extern int lxc_network_send_to_child(struct lxc_handler *handler);
+__hidden extern int lxc_network_recv_from_parent(struct lxc_handler *handler);
+__hidden extern int lxc_network_send_name_and_ifindex_to_parent(struct lxc_handler *handler);
+__hidden extern int lxc_network_recv_name_and_ifindex_from_child(struct lxc_handler *handler);
+__hidden extern int lxc_netns_set_nsid(int netns_fd);
+__hidden extern int lxc_netns_get_nsid(__s32 fd);
+__hidden extern int lxc_create_network(struct lxc_handler *handler);
+
+__hidden extern char *is_wlan(const char *ifname);
+__hidden extern int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
+ const char *newname);
#endif /* __LXC_NETWORK_H */
From a804cff7497a7b6ca7be79cb0d8deb675d435caa Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:38:05 +0200
Subject: [PATCH 14/17] parse: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 24 ++++++++++++++++++++++++
src/lxc/parse.h | 15 +++++++--------
src/tests/Makefile.am | 6 ++++++
3 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 7c181d44c9..456dded39e 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -342,6 +342,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -361,6 +362,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -379,6 +381,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -397,6 +400,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -415,6 +419,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -433,6 +438,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -451,6 +457,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -469,6 +476,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -487,6 +495,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -505,6 +514,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -525,6 +535,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -544,6 +555,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -562,6 +574,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -581,6 +594,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -600,6 +614,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -619,6 +634,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -637,6 +653,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -655,6 +672,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -675,6 +693,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -693,6 +712,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -712,6 +732,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -730,6 +751,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -771,6 +793,7 @@ lxc_monitord_SOURCES = cmd/lxc_monitord.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
@@ -817,6 +840,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
+ parse.c parse.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/parse.h b/src/lxc/parse.h
index 19d2b20bb5..e4808ed0fb 100644
--- a/src/lxc/parse.h
+++ b/src/lxc/parse.h
@@ -13,17 +13,16 @@ typedef int (*lxc_dir_cb)(const char *name, const char *directory,
typedef int (*lxc_file_cb)(char *buffer, void *data);
-__hot extern int lxc_file_for_each_line(const char *file, lxc_file_cb callback,
- void *data);
+__hidden __hot extern int lxc_file_for_each_line(const char *file, lxc_file_cb callback, void *data);
-__hot extern int lxc_file_for_each_line_mmap(const char *file,
- lxc_file_cb callback, void *data);
+__hidden __hot extern int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback,
+ void *data);
/* mmap() wrapper. lxc_strmmap() will take care to \0-terminate files so that
* normal string-handling functions can be used on the buffer. */
-extern void *lxc_strmmap(void *addr, size_t length, int prot, int flags, int fd,
- off_t offset);
+__hidden extern void *lxc_strmmap(void *addr, size_t length, int prot, int flags, int fd,
+ off_t offset);
/* munmap() wrapper. Use it to free memory mmap()ed with lxc_strmmap(). */
-extern int lxc_strmunmap(void *addr, size_t length);
+__hidden extern int lxc_strmunmap(void *addr, size_t length);
-#endif
+#endif /* __LXC_PARSE_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 7c26aa0e19..64979d3a63 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -22,6 +22,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -43,6 +44,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -64,6 +66,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -87,6 +90,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -128,6 +132,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -172,6 +177,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/namespace.c ../lxc/namespace.h \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
+ ../lxc/parse.c ../lxc/parse.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From 92a10958c91a86a217fb4e0d364624aa568d6562 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:45:02 +0200
Subject: [PATCH 15/17] process_utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 23 +++++++++++++++++++++++
src/lxc/process_utils.h | 14 +++++++-------
src/tests/Makefile.am | 6 ++++++
3 files changed, 36 insertions(+), 7 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 456dded39e..1bfcfcabb7 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -343,6 +343,7 @@ lxc_attach_SOURCES = tools/lxc_attach.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
rexec.c rexec.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -363,6 +364,7 @@ lxc_autostart_SOURCES = tools/lxc_autostart.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_autostart_SOURCES += seccomp.c lxcseccomp.h
@@ -382,6 +384,7 @@ lxc_cgroup_SOURCES = tools/lxc_cgroup.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_cgroup_SOURCES += seccomp.c lxcseccomp.h
@@ -401,6 +404,7 @@ lxc_config_SOURCES = tools/lxc_config.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_config_SOURCES += seccomp.c lxcseccomp.h
@@ -420,6 +424,7 @@ lxc_console_SOURCES = tools/lxc_console.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_console_SOURCES += seccomp.c lxcseccomp.h
@@ -439,6 +444,7 @@ lxc_destroy_SOURCES = tools/lxc_destroy.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_destroy_SOURCES += seccomp.c lxcseccomp.h
@@ -458,6 +464,7 @@ lxc_device_SOURCES = tools/lxc_device.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_device_SOURCES += seccomp.c lxcseccomp.h
@@ -477,6 +484,7 @@ lxc_execute_SOURCES = tools/lxc_execute.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_execute_SOURCES += seccomp.c lxcseccomp.h
@@ -496,6 +504,7 @@ lxc_freeze_SOURCES = tools/lxc_freeze.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_freeze_SOURCES += seccomp.c lxcseccomp.h
@@ -515,6 +524,7 @@ lxc_info_SOURCES = tools/lxc_info.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_info_SOURCES += seccomp.c lxcseccomp.h
@@ -536,6 +546,7 @@ lxc_monitor_SOURCES = tools/lxc_monitor.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_monitor_SOURCES += seccomp.c lxcseccomp.h
@@ -556,6 +567,7 @@ lxc_ls_SOURCES = tools/lxc_ls.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_ls_SOURCES += seccomp.c lxcseccomp.h
@@ -575,6 +587,7 @@ lxc_copy_SOURCES = tools/lxc_copy.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -595,6 +608,7 @@ lxc_start_SOURCES = tools/lxc_start.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_start_SOURCES += seccomp.c lxcseccomp.h
@@ -615,6 +629,7 @@ lxc_stop_SOURCES = tools/lxc_stop.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_stop_SOURCES += seccomp.c lxcseccomp.h
@@ -635,6 +650,7 @@ lxc_top_SOURCES = tools/lxc_top.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_top_SOURCES += seccomp.c lxcseccomp.h
@@ -654,6 +670,7 @@ lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_unfreeze_SOURCES += seccomp.c lxcseccomp.h
@@ -673,6 +690,7 @@ lxc_unshare_SOURCES = tools/lxc_unshare.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_numbers.h \
syscall_wrappers.h
@@ -694,6 +712,7 @@ lxc_wait_SOURCES = tools/lxc_wait.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_wait_SOURCES += seccomp.c lxcseccomp.h
@@ -713,6 +732,7 @@ lxc_create_SOURCES = tools/lxc_create.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
storage/storage_utils.c storage/storage_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
@@ -733,6 +753,7 @@ lxc_snapshot_SOURCES = tools/lxc_snapshot.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_snapshot_SOURCES += seccomp.c lxcseccomp.h
@@ -752,6 +773,7 @@ lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h
if ENABLE_SECCOMP
lxc_checkpoint_SOURCES += seccomp.c lxcseccomp.h
@@ -841,6 +863,7 @@ lxc_usernsexec_SOURCES = cmd/lxc_usernsexec.c \
network.c network.h \
nl.c nl.h \
parse.c parse.h \
+ process_utils.c process_utils.h \
string_utils.c string_utils.h \
syscall_wrappers.h \
utils.c utils.h
diff --git a/src/lxc/process_utils.h b/src/lxc/process_utils.h
index 61b0e412b7..e0157c631b 100644
--- a/src/lxc/process_utils.h
+++ b/src/lxc/process_utils.h
@@ -209,7 +209,7 @@ int clone(int (*fn)(void *), void *child_stack, int flags, void *arg, ...
* - should call lxc_raw_getpid():
* The child should use lxc_raw_getpid() to retrieve its pid.
*/
-extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
+__hidden extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
/*
@@ -239,8 +239,8 @@ extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags, int *pidfd);
* - must call lxc_raw_getpid():
* The child must use lxc_raw_getpid() to retrieve its pid.
*/
-extern pid_t lxc_raw_clone(unsigned long flags, int *pidfd);
-extern pid_t lxc_raw_legacy_clone(unsigned long flags, int *pidfd);
+__hidden extern pid_t lxc_raw_clone(unsigned long flags, int *pidfd);
+__hidden extern pid_t lxc_raw_legacy_clone(unsigned long flags, int *pidfd);
/*
* lxc_raw_clone_cb() - create a new process
@@ -253,8 +253,8 @@ extern pid_t lxc_raw_legacy_clone(unsigned long flags, int *pidfd);
* All other comments that apply to lxc_raw_clone() apply to lxc_raw_clone_cb()
* as well.
*/
-extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args,
- unsigned long flags, int *pidfd);
+__hidden extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args, unsigned long flags,
+ int *pidfd);
#ifndef HAVE_EXECVEAT
static inline int execveat(int dirfd, const char *pathname, char *const argv[],
@@ -285,7 +285,7 @@ static inline pid_t lxc_raw_gettid(void)
#endif
}
-extern int lxc_raw_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
- unsigned int flags);
+__hidden extern int lxc_raw_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
+ unsigned int flags);
#endif /* __LXC_PROCESS_UTILS_H */
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index 64979d3a63..c0ea315a8c 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -23,6 +23,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -45,6 +46,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -67,6 +69,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -91,6 +94,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -133,6 +137,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -178,6 +183,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/network.c ../lxc/network.h \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
+ ../lxc/process_utils.c ../lxc/process_utils.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
From 0b07c6c1624683443b1db7b4b27a6d699c303f19 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:46:13 +0200
Subject: [PATCH 16/17] rexec: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/rexec.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/lxc/rexec.h b/src/lxc/rexec.h
index 1889b2b644..198d6cb08f 100644
--- a/src/lxc/rexec.h
+++ b/src/lxc/rexec.h
@@ -3,6 +3,8 @@
#ifndef __LXC_REXEC_H
#define __LXC_REXEC_H
-extern int lxc_rexec(const char *memfd_name);
+#include "compiler.h"
+
+__hidden extern int lxc_rexec(const char *memfd_name);
#endif /* __LXC_REXEC_H */
From f6fea47396eae592b7111086dd16a2b8ffba855c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 20 Jul 2020 18:49:55 +0200
Subject: [PATCH 17/17] ringbuf: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/ringbuf.h | 10 ++++++----
src/tests/Makefile.am | 6 ++++++
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/lxc/ringbuf.h b/src/lxc/ringbuf.h
index dbbc7dacae..889b6e65ce 100644
--- a/src/lxc/ringbuf.h
+++ b/src/lxc/ringbuf.h
@@ -8,6 +8,8 @@
#include <stdio.h>
#include <sys/mman.h>
+#include "compiler.h"
+
/**
* lxc_ringbuf - Implements a simple and efficient memory mapped ringbuffer.
* - The "addr" field of struct lxc_ringbuf is considered immutable. Instead the
@@ -29,10 +31,10 @@ struct lxc_ringbuf {
*
* @param[in] size Size of the new ringbuffer as a power of 2.
*/
-extern int lxc_ringbuf_create(struct lxc_ringbuf *buf, size_t size);
-extern void lxc_ringbuf_move_read_addr(struct lxc_ringbuf *buf, size_t len);
-extern int lxc_ringbuf_write(struct lxc_ringbuf *buf, const char *msg, size_t len);
-extern int lxc_ringbuf_read(struct lxc_ringbuf *buf, char *out, size_t *len);
+__hidden extern int lxc_ringbuf_create(struct lxc_ringbuf *buf, size_t size);
+__hidden extern void lxc_ringbuf_move_read_addr(struct lxc_ringbuf *buf, size_t len);
+__hidden extern int lxc_ringbuf_write(struct lxc_ringbuf *buf, const char *msg, size_t len);
+__hidden extern int lxc_ringbuf_read(struct lxc_ringbuf *buf, char *out, size_t *len);
static inline void lxc_ringbuf_release(struct lxc_ringbuf *buf)
{
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index c0ea315a8c..6a6f5ff281 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -24,6 +24,7 @@ lxc_test_api_reboot_SOURCES = api_reboot.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_api_reboot_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -47,6 +48,7 @@ lxc_test_attach_SOURCES = attach.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_attach_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -70,6 +72,7 @@ lxc_test_cgpath_SOURCES = cgpath.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_cgpath_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -95,6 +98,7 @@ lxc_test_config_jump_table_SOURCES = config_jump_table.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_config_jump_table_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -138,6 +142,7 @@ lxc_test_parse_config_file_SOURCES = parse_config_file.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_parse_config_file_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
@@ -184,6 +189,7 @@ lxc_test_utils_SOURCES = lxc-test-utils.c \
../lxc/nl.c ../lxc/nl.h \
../lxc/parse.c ../lxc/parse.h \
../lxc/process_utils.c ../lxc/process_utils.h \
+ ../lxc/ringbuf.c ../lxc/ringbuf.h \
../lxc/string_utils.c ../lxc/string_utils.h
if ENABLE_SECCOMP
lxc_test_utils_SOURCES += ../lxc/seccomp.c ../lxc/lxcseccomp.h
More information about the lxc-devel
mailing list